Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Skip admin and change oidc user not found message more readable #21061

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

stonezdj
Copy link
Contributor

@stonezdj stonezdj commented Oct 18, 2024

fixes #21041
verified in local env
Thank you for contributing to Harbor!

Comprehensive Summary of your change

Issue being fixed

Fixes #(issue)

Please indicate you've done the following:

  • Well Written Title and Summary of the PR
  • Label the PR as needed. "release-note/ignore-for-release, release-note/new-feature, release-note/update, release-note/enhancement, release-note/community, release-note/breaking-change, release-note/docs, release-note/infra, release-note/deprecation"
  • Accepted the DCO. Commits without the DCO will delay acceptance.
  • Made sure tests are passing and test coverage is added if needed.
  • Considered the docs impact and opened a new docs issue or PR with docs changes if needed in website repository.

Copy link

codecov bot commented Oct 18, 2024

Codecov Report

Attention: Patch coverage is 0% with 8 lines in your changes missing coverage. Please review.

Project coverage is 66.08%. Comparing base (c8c11b4) to head (c6ce7bc).
Report is 332 commits behind head on main.

Files with missing lines Patch % Lines
src/server/middleware/security/oidc_cli.go 0.00% 5 Missing ⚠️
src/pkg/oidc/secret.go 0.00% 3 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##             main   #21061       +/-   ##
===========================================
+ Coverage   45.36%   66.08%   +20.71%     
===========================================
  Files         244     1049      +805     
  Lines       13333   114661   +101328     
  Branches     2719     2867      +148     
===========================================
+ Hits         6049    75768    +69719     
- Misses       6983    34749    +27766     
- Partials      301     4144     +3843     
Flag Coverage Δ
unittests 66.08% <0.00%> (+20.71%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
src/pkg/oidc/secret.go 24.67% <0.00%> (ø)
src/server/middleware/security/oidc_cli.go 62.50% <0.00%> (ø)

... and 1286 files with indirect coverage changes

---- 🚨 Try these New Features:

@ianseyer
Copy link

+1, this would be very helpful

@OrlinVasilev
Copy link
Member

+1

@stonezdj stonezdj force-pushed the 24oct18_oidc_admin_error branch 2 times, most recently from 93cfdc4 to c6ce7bc Compare November 19, 2024 04:40
@stonezdj stonezdj added target/2.13.0 issues that are targeting v2.13.0 and removed candidate/2.13.0 labels Nov 20, 2024
  fixes goharbor#21041

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
@stonezdj stonezdj force-pushed the 24oct18_oidc_admin_error branch from c6ce7bc to 58b9680 Compare November 20, 2024 02:56
@peters-david
Copy link

+1

user, err2 := uctl.GetByName(ctx, username)
// skip to log the error if the user is the admin user
if err2 == nil && user != nil && user.UserID == 1 {
return nil
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Log at debug level for admin users as this might be expected

logger.Debugf("OIDC verification failed for admin user %s: %v", username, err)

@@ -86,6 +87,9 @@ var m SecretManager = &defaultManager{
func (dm *defaultManager) VerifySecret(ctx context.Context, username string, secret string) (*UserInfo, error) {
log.Debugf("Verifying the secret for user: %s", username)
oidcUser, err := dm.metaDao.GetByUsername(ctx, username)
if strings.Contains(err.Error(), "no row found") {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checking error strings is fragile. Would not be better to:

  1. Use proper error types or sentinel errors
  2. Check if the error implements a specific interface

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release-note/update Update or Fix target/2.13.0 issues that are targeting v2.13.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Admin, error: failed to get oidc user info, error: <QuerySeter> no row found
8 participants